[SCM] Samba Shared Repository - branch master updated
Matthias Dieter Wallnöfer
mdw at samba.org
Mon Jun 7 13:31:12 MDT 2010
The branch, master has been updated
via 99c9e35... ldb:pyldb.c - we cannot use "ldb_dn_compare" if both message DNs are NULL in "py_ldb_msg_compare"
via 0c3dfd7... s4 python: add more unit tests to verify the compare tests
via 1949864... s4:objectclass_attrs LDB module - move the single-valued attribute check into this module
via a75d271... s4:rdn_name LDB module - move the "distinguishedName" write prevent check here
from 9a747d5... s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSP
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 99c9e358c54b170b01e614483514026fddbd2688
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Jun 7 21:26:33 2010 +0200
ldb:pyldb.c - we cannot use "ldb_dn_compare" if both message DNs are NULL in "py_ldb_msg_compare"
Discovered by the testcase.
commit 0c3dfd7a79d48ef5bdcd996537521868e479f1a4
Author: Matthieu Patou <mat at matws.net>
Date: Fri May 7 04:16:11 2010 +0400
s4 python: add more unit tests to verify the compare tests
commit 1949864417f3d10fb8996df7db259649eb777271
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Jun 7 20:46:59 2010 +0200
s4:objectclass_attrs LDB module - move the single-valued attribute check into this module
It seems to me more consistent (and also to keep the same behaviour on all
backends).
Also the DRS hack should therefore not be needed anymore since the
"repl_meta_data" module launches requests behind "objectclass_attrs".
commit a75d271373dbbff973544865c2c9715510d67669
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Jun 7 20:31:22 2010 +0200
s4:rdn_name LDB module - move the "distinguishedName" write prevent check here
In my eyes it fits better here than in the TDB backend code.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 14 +++++-
source4/lib/ldb/ldb_tdb/ldb_tdb.c | 51 --------------------
source4/lib/ldb/modules/rdn_name.c | 6 ++
source4/lib/ldb/pyldb.c | 8 ++-
source4/lib/ldb/tests/python/api.py | 19 +++++++
5 files changed, 43 insertions(+), 55 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
index 042d26b..5b76a0b 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
@@ -180,7 +180,7 @@ static int attr_handler2(struct oc_context *ac)
}
/* Check if all specified attributes are valid in the given
- * objectclasses. */
+ * objectclasses and if they meet additional schema restrictions. */
msg = ac->search_res->message;
for (i = 0; i < msg->num_elements; i++) {
attr = dsdb_attribute_by_lDAPDisplayName(ac->schema,
@@ -189,6 +189,18 @@ static int attr_handler2(struct oc_context *ac)
return LDB_ERR_OPERATIONS_ERROR;
}
+ /* Check if they're single-valued if this is requested */
+ if ((msg->elements[i].num_values > 1) && (attr->isSingleValued)) {
+ ldb_asprintf_errstring(ldb, "objectclass_attrs: attribute '%s' on entry '%s' is single-valued!",
+ msg->elements[i].name,
+ ldb_dn_get_linearized(msg->dn));
+ if (ac->req->operation == LDB_ADD) {
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ } else {
+ return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
+ }
+ }
+
/* We can use "str_list_check" with "strcmp" here since the
* attribute informations from the schema are always equal
* up-down-cased. */
diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.c b/source4/lib/ldb/ldb_tdb/ldb_tdb.c
index 42e1bd5..c421dda 100644
--- a/source4/lib/ldb/ldb_tdb/ldb_tdb.c
+++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.c
@@ -294,20 +294,12 @@ static int ltdb_add_internal(struct ldb_module *module,
for (i=0;i<msg->num_elements;i++) {
struct ldb_message_element *el = &msg->elements[i];
- const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
if (el->num_values == 0) {
ldb_asprintf_errstring(ldb, "attribute %s on %s specified, but with 0 values (illegal)",
el->name, ldb_dn_get_linearized(msg->dn));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
- if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
- if (el->num_values > 1) {
- ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
- el->name, ldb_dn_get_linearized(msg->dn));
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
- }
}
ret = ltdb_store(module, msg, TDB_INSERT);
@@ -649,16 +641,8 @@ int ltdb_modify_internal(struct ldb_module *module,
for (i=0; i<msg->num_elements; i++) {
struct ldb_message_element *el = &msg->elements[i], *el2;
struct ldb_val *vals;
- const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
const char *dn;
- if (ldb_attr_cmp(el->name, "distinguishedName") == 0) {
- ldb_asprintf_errstring(ldb, "it is not permitted to perform a modify on 'distinguishedName' (use rename instead): %s",
- ldb_dn_get_linearized(msg2->dn));
- ret = LDB_ERR_CONSTRAINT_VIOLATION;
- goto done;
- }
-
switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
case LDB_FLAG_MOD_ADD:
@@ -692,15 +676,6 @@ int ltdb_modify_internal(struct ldb_module *module,
}
}
- if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
- if (el->num_values > 1) {
- ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
- el->name, ldb_dn_get_linearized(msg2->dn));
- ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
- goto done;
- }
- }
-
/* Checks if element already exists */
idx = find_element(msg2, el->name);
if (idx == -1) {
@@ -713,15 +688,6 @@ int ltdb_modify_internal(struct ldb_module *module,
goto done;
}
} else {
- /* We cannot add another value on a existing one
- if the attribute is single-valued */
- if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
- ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
- el->name, ldb_dn_get_linearized(msg2->dn));
- ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
- goto done;
- }
-
el2 = &(msg2->elements[idx]);
/* Check that values don't exist yet on multi-
@@ -779,23 +745,6 @@ int ltdb_modify_internal(struct ldb_module *module,
case LDB_FLAG_MOD_REPLACE:
- if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
- /* the RELAX control overrides this
- check for replace. This is needed as
- DRS replication can produce multiple
- values here for a single valued
- attribute when the values are deleted
- links
- */
- if (el->num_values > 1 &&
- (!req || !ldb_request_get_control(req, LDB_CONTROL_RELAX_OID))) {
- ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
- el->name, ldb_dn_get_linearized(msg2->dn));
- ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
- goto done;
- }
- }
-
/* TODO: This is O(n^2) - replace with more efficient check */
for (j=0; j<el->num_values; j++) {
if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
diff --git a/source4/lib/ldb/modules/rdn_name.c b/source4/lib/ldb/modules/rdn_name.c
index 38a1b6f..5dc122f 100644
--- a/source4/lib/ldb/modules/rdn_name.c
+++ b/source4/lib/ldb/modules/rdn_name.c
@@ -348,6 +348,12 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
return ldb_next_request(module, req);
}
+ if (ldb_msg_find_element(req->op.mod.message, "distinguishedName")) {
+ ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead",
+ ldb_dn_get_linearized(req->op.mod.message->dn));
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
if (ldb_msg_find_element(req->op.mod.message, "name")) {
ldb_asprintf_errstring(ldb, "Modify of 'name' on %s not permitted, must use 'rename' operation instead",
ldb_dn_get_linearized(req->op.mod.message->dn));
diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c
index bbb2e71..3a956ed 100644
--- a/source4/lib/ldb/pyldb.c
+++ b/source4/lib/ldb/pyldb.c
@@ -2087,9 +2087,11 @@ static int py_ldb_msg_compare(PyLdbMessageObject *py_msg1,
unsigned int i;
int ret;
- ret = ldb_dn_compare(msg1->dn, msg2->dn);
- if (ret != 0) {
- return ret;
+ if ((msg1->dn != NULL) || (msg2->dn != NULL)) {
+ ret = ldb_dn_compare(msg1->dn, msg2->dn);
+ if (ret != 0) {
+ return ret;
+ }
}
ret = msg1->num_elements - msg2->num_elements;
diff --git a/source4/lib/ldb/tests/python/api.py b/source4/lib/ldb/tests/python/api.py
index 001739b..4d9efb4 100755
--- a/source4/lib/ldb/tests/python/api.py
+++ b/source4/lib/ldb/tests/python/api.py
@@ -509,6 +509,25 @@ class LdbMsgTests(unittest.TestCase):
self.assertRaises(KeyError, lambda: msgdiff["foo"])
self.assertEquals(1, len(msgdiff))
+ def test_equal_empty(self):
+ msg1 = ldb.Message()
+ msg2 = ldb.Message()
+ self.assertEquals(msg1, msg2)
+
+ def test_equal_simplel(self):
+ db = ldb.Ldb("foo.tdb")
+ msg1 = ldb.Message()
+ msg1.dn = ldb.Dn(db, "foo=bar")
+ msg2 = ldb.Message()
+ msg2.dn = ldb.Dn(db, "foo=bar")
+ self.assertEquals(msg1, msg2)
+ msg1['foo'] = 'bar'
+ msg2['foo'] = 'bar'
+ self.assertEquals(msg1, msg2)
+ msg2['foo'] = 'blie'
+ self.assertNotEquals(msg1, msg2)
+ msg2['foo'] = 'blie'
+
class MessageElementTests(unittest.TestCase):
--
Samba Shared Repository
More information about the samba-cvs
mailing list